Practice Test 1
Completed on 14-June-2020
  • Attempt
    01
  • Marks Obtained
    0 / 55
  • Your score
    0.0%
  • Time Taken
    00 H 00 M 03 S
  • Result
    Failed
Domains wise Quiz Performance Report
No Domain Total Question Correct Incorrect Unattempted Marked as Review
1 Design a data platform solution 10 0 0 10 0
2 Design for deployment, migration, and integration 6 0 0 6 0
3 Determine workload requirements 11 0 0 11 0
4 Design a business continuity strategy 9 0 0 9 0
5 Design for identity and security 7 0 0 7 0
6 Design an infrastructure strategy 12 0 0 12 0
Total All Domain 55 0 0 55 0
Review the Answers
Question 1

A company is setting up a data storage solution for their on-premise location. They have to ensure that data is automatically replicated to Azure.

They decide to include using Azure BLOB storage as part of their storage solution

Would this fulfil the requirement?

Ask our Experts
View Queries
Question 2

A company is setting up a data storage solution for their on-premise location. They have to ensure that data is automatically replicated to Azure.

They decide to include using Azure Table storage as part of their storage solution

Would this fulfil the requirement?

Explanation:

Answer – B

This is table level storage available in Azure. This is not the ideal solution for replicating data between on-premise and Azure.

For more information on Azure Table storage, please visit the below URL

https://azure.microsoft.com/en-us/services/storage/tables/

Ask our Experts
View Queries
Question 3

A company is setting up a data storage solution for their on-premise location. They have to ensure that data is automatically replicated to Azure.

They decide to include using Azure StorSimple as part of their storage solution

Would this fulfil the requirement?

Explanation:

Answer – A

Using StorSimple is an ideal solution for this case. This is a hybrid cloud solution. The Microsoft documentation mentions the following on the usage of StorSimple

For more information on StorSimple, please visit the below URL

https://docs.microsoft.com/en-us/azure/storsimple/storsimple-ova-overview

Ask our Experts
View Queries
Question 4

A company has deployed web applications onto Virtual Machines in 2 separate AZ's. They want to load balance traffic at Layer 7. They also want to protect web application from SQL injection attacks. Which of the following service would you use for this requirement?

Explanation:

Answer – C

The ideal solution for this is the Azure Application Gateway. This can be used to route traffic at Layer 7. This is also mentioned in the Microsoft documentation as mentioned below

  • Option A is incorrect since this can only load balance traffic at Layer 4.
  • Option B is incorrect since this is used to direct traffic as a DNS level.
  • Option D is incorrect since this is used to monitor, diagnose, and gain insights to your network performance and health
  • For more information on the Application gateway, please visit the below URL
Ask our Experts
View Queries
Question 5

A company has deployed web applications onto Virtual Machines in 2 separate regions. They want to load balance traffic at Layer 7. They also want to protect the web application from SQL injection attacks.

Which of the following feature would you use for this requirement?

Explanation:

Answer – D

This is clearly mentioned in the Microsoft documentation

Since this is clearly mentioned in the documentation, all other options are incorrect

For more information on the Web Application Firewall, please visit the below URL

https://docs.microsoft.com/en-us/azure/application-gateway/waf-overview

Ask our Experts
View Queries
Question 6

A company is planning on deploying an application onto Azure. The application will be based on the .Net core programming language. The application would be hosted using Azure Web apps. Below is part of the various requirements for the application

  • Gives the ability for the testing team to view the different components of an application and see the calls being made between the different application components
  • Helps business analyse how many users actually return to the application
  • Ensuring IT administrators get alerts based on critical conditions being met in the application

Which of the following service would be best suited for fulfilling the requirement of

“Gives the ability for the testing team to view the different components of an application and see the calls being made between the different application components”

Explanation:

Answer – A

This feature is part of the Application Insights tool. An example of this is given in the Microsoft documentation

Since this is clearly mentioned in the documentation, all other options are incorrect

For more information on Application map, please visit the below URL

https://docs.microsoft.com/en-us/azure/azure-monitor/app/app-map

Ask our Experts
View Queries
Question 7

A company is planning on deploying an application onto Azure. The application will be based on the .Net core programming language. The application would be hosted using Azure Web apps. Below is part of the various requirements for the application

  • Gives the ability for the testing team to view the different components of an application and see the calls being made between the different application components
  • Helps business analyse how many users actually return to the application
  • Ensuring IT administrators get alerts based on critical conditions being met in the application

Which of the following service would be best suited for fulfilling the requirement of

“Helps business analyse how many users actually return to the application”

Explanation:

Answer – A

This feature is part of the Application Insights tool. An example of this is given in the Microsoft documentation

Since this is clearly mentioned in the documentation, all other options are incorrect

For more information on the retention feature of Application Insights, please visit the below URL

https://docs.microsoft.com/en-us/azure/azure-monitor/app/usage-retention

Ask our Experts
View Queries
Question 8

A company is planning on deploying an application onto Azure. The application will be based on the .Net core programming language. The application would be hosted using Azure Web apps. Below is part of the various requirements for the application

  • Gives the ability for the testing team to view the different components of an application and see the calls being made between the different application components
  • Helps business analyse how many users actually return to the application
  • Ensuring IT administrators get alerts based on critical conditions being met in the application

Which of the following service would be best suited for fulfilling the requirement of

“Ensuring IT administrators get alerts based on critical conditions being met in the application”

Explanation:

Answer – B

This is a feature of Azure Monitor wherein you can use the Alerts feature. This is also mentioned in the Microsoft documentation

Since this is clearly mentioned in the documentation, all other options are incorrect

For more information on Azure Monitor, please visit the below URL

https://docs.microsoft.com/en-us/azure/azure-monitor/overview

Ask our Experts
View Queries
Question 9

A company is planning on moving their on-premise resources to Azure. They have 3 different applications that belong to different departments. Each application has a different requirement for business continuity as given below

  • HR Department - The application data needs to be retained for 3 years. From a disaster recovery perspective, the application needs to run from a different Azure region. The Recovery time objective would be 15 minutes
  • Logistics Department - Here the Service Management team wants to ensure that the application must be able to recover point in time data at a daily granularity level. The Recovery time objective would be 6 hours.
  • Procurement Department - Here the application must be able to failover to a secondary on-premise data center.

You have to recommend which service should be used by each department. You have to also ensure that costs are minimized.

Which of the following would you use for the HR Department?

Explanation:

Answer – C

You will need the Azure backup service for long term retention of data. The below except is from the Microsoft documentation on the retention of data in the Azure backup service

Option A is incorrect since you need to maintain backups for 3 years, for which you need to use the Azure backup service as well.

Option B is incorrect since you need Azure Site recovery as well to ensure the application can run off another region in case of a disaster

Option D is incorrect since Azure Migrate is used when you want to migrate VMware VM’s to Azure

For more information on Azure backup and Azure Site Recovery, please visit the below URL

https://docs.microsoft.com/en-us/azure/site-recovery/site-recovery-overview

https://docs.microsoft.com/en-us/azure/backup/backup-introduction-to-azure-backup

Ask our Experts
View Queries
Question 10

A company is planning on moving their on-premise resources to Azure. They have 3 different applications that belong to different departments. Each application has a different requirement for business continuity as given below

  • HR Department - The application data needs to be retained for 3 years. From a disaster recovery perspective, the application needs to run from a different Azure region. The Recovery time objective would be 15 minutes
  • Logistics Department - Here the Service Management team wants to ensure that the application must be able to recover point in time data at a daily granularity level. The Recovery time objective would be 6 hours.
  • Procurement Department - Here the application must be able to failover to a secondary on-premise data center.

You have to recommend which service should be used by each department. You have to also ensure that costs are minimized.

Which of the following would you use for the Logistics Department?

Explanation:

Answer – B

Use Azure Backup when you want to have backup data at a granular level. This is also mentioned as a different Azure Backup and Azure Site recovery in the Microsoft documentation

Options A and C is incorrect since here we only need to have backup’s in place

Option D is incorrect since Azure Migrate is used when you want to migrate VMware VM’s to Azure

For more information on Azure backup and Azure Site Recovery, please visit the below URL

https://docs.microsoft.com/en-us/azure/site-recovery/site-recovery-overview

https://docs.microsoft.com/en-us/azure/backup/backup-introduction-to-azure-backup

Ask our Experts
View Queries
Question 11

A company is planning on moving their on-premise resources to Azure. They have 3 different applications that belong to different departments. Each application has a different requirement for business continuity as given below

  • HR Department - The application data needs to be retained for 3 years. From a disaster recovery perspective, the application needs to run from a different Azure region. The Recovery time objective would be 15 minutes
  • Logistics Department - Here the Service Management team wants to ensure that the application must be able to recover point in time data at a daily granularity level. The Recovery time objective would be 6 hours.
  • Procurement Department - Here the application must be able to failover to a secondary on-premise data center.

You have to recommend which service should be used by each department. You have to also ensure that costs are minimized.

Which of the following would you use for the Procurement Department?

Explanation:

Answer – A

You can use the Azure Site Recovery service to ensure that you can failover your application to a secondary site. The below except is from the Microsoft documentation for Azure Site Recovery

Options B and C is incorrect since here we only need to use Azure Site Recovery for the failover.

Option D is incorrect since Azure Migrate is used when you want to migrate VMware VM’s to Azure

For more information on Azure backup and Azure Site Recovery, please visit the below URL

https://docs.microsoft.com/en-us/azure/site-recovery/site-recovery-overview

https://docs.microsoft.com/en-us/azure/backup/backup-introduction-to-azure-backup

Ask our Experts
View Queries
Question 12

A company has an Azure subscription. The company has launched virtual machines that uses unmanaged standard hard disk drives.

You need to develop a strategy for the virtual machines that would ensure that the virtual machines would be made available in the event of a region failure. The recovery time objective can be up to 5 days. Costs need to be minimized in the implementation.

Which of the following replication strategy would you incorporate for the storage account?

Explanation:

Answer – C

Since the disks need to be available in the event of a region failure you need to choose Geo-redundant storage. The Microsoft documentation mentions the following

Options A and B are incorrect since these storage accounts will not make the disks available in case of a region failure.

Option D is incorrect since we need to minimize on costs. We don’t need a read only copy for the disks.

For more information on storage redundancy, please visit the below URL

https://docs.microsoft.com/en-us/azure/storage/common/storage-redundancy

Ask our Experts
View Queries
Question 13

A company has an Azure subscription. The company has launched virtual machines that uses unmanaged standard hard disk drives.

You need to develop a strategy for the virtual machines that would ensure that the virtual machines would be made available in the event of a region failure. The recovery time objective can be up to 5 days. Costs need to be minimized in the implementation.

Which of the following would you use to recreate the virtual machine in case of a machine failure?

Explanation:

Answer – C

Since we need to minimize costs and the RTO is quite long, we can just use Resource Manager to recreate the virtual machine.

Option A is incorrect because this is a costly option for such a requirement.

Option B is incorrect because this is used as a hybrid cloud storage option

Option D is incorrect because this is used for implementing governance

For more information on resource manager templates, please visit the below URL

https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-authoring-templates

Ask our Experts
View Queries
Question 14

A company has setup an Azure subscription and an Azure tenant. They have purchased Premium P2 licences. There are different departments that have different requirements for managing identities.

Department

Requirement

Procurement

  • Get notifications whenever roles are activated
  • Provide just in time access to Azure resources

Human Resources

  • Ability to conduct access reviews

Logistics

  • Ensure Applications hosted on the virtual machines can safely access the Azure Key vault service

Which of the following would you suggest for the Procurement department?

Explanation:

Answer – C

This is clearly given in the Microsoft documentation wherein the Privileged Identity Management feature would fulfil these requirements

Since this is clearly mentioned, all other options are incorrect

For more information on privileged identity management, please visit the below URL

https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure

Ask our Experts
View Queries
Question 15

A company has setup an Azure subscription and an Azure tenant. They have purchased Premium P2 licences. There are different departments that have different requirements for managing identities.

Department

Requirement

Procurement

  • Get notifications whenever roles are activated
  • Provide just in time access to Azure resources

Human Resources

  • Ability to conduct access reviews

Logistics

  • Ensure Applications hosted on the virtual machines can safely access the Azure Key vault service

Which of the following would you suggest for the Human Resources department?

Explanation:

Answer - C

This is clearly given in the Microsoft documentation wherein the Privileged Identity Management feature would fulfil this requirement

Since this is clearly mentioned, all other options are incorrect

For more information on privileged identity management, please visit the below URL

https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure

Ask our Experts
View Queries
Question 16

A company has setup an Azure subscription and an Azure tenant. They have purchased Premium P2 licences. There are different departments that have different requirements for managing identities.

Department

Requirement

Procurement

  • Get notifications whenever roles are activated
  • Provide just in time access to Azure resources

Human Resources

  • Ability to conduct access reviews

Logistics

  • Ensure Applications hosted on the virtual machines can safely access the Azure Key vault service

Which of the following would you suggest for the Logistics department?

Explanation:

Answer - A

This is clearly given in the Microsoft documentation.

Since this is clearly mentioned, all other options are incorrect

Ask our Experts
View Queries
Question 17

A company needs to design an architecture that would meet the below requirements

  • Capture data with regards to creation of users and assignment of roles in their Azure account
  • All captured data must be sent to a CosmosDB account

You have to complete the below architecture diagram to fulfil the above requirements.

Which of the following would you suggest for Azure Service 1?

Explanation:

Answer – A

The Event Grid service is ideal for capturing different sort of events in Azure. So, since you need to capture events pertaining to the creation of users and assignment of roles, you can use the Event Grid service. The diagram representation of the Azure Event Grid service is given below.

So, on the left-hand side, you have different Azure resources for which you can receive events. And on the right-hand side, you have consumers. The event grid service can send data about the event onto the consumers.

Option B is incorrect since this is a Big data ingestion service

Option C is incorrect since this is a serverless compute service

Option D is incorrect since this is used for analysis of data sent to the log service in Azure

Option E is incorrect since this is a purely notification-based service

For more information on Azure Event Grids, please visit the below URL

https://docs.microsoft.com/en-us/azure/event-grid/overview

Ask our Experts
View Queries
Question 18

A company needs to design an architecture that would meet the below requirements

  • Capture data with regards to creation of users and assignment of roles in their Azure account
  • All captured data must be sent to a CosmosDB account

You have to complete the below architecture diagram to fulfil the above requirements.

Which of the following would you suggest for Azure Service 2?

Explanation:

Answer – C

Azure Functions is an ideal consumer for this requirement. The Azure Function can be programmed to receive the event data and then send it across to CosmosDB.

  • Option A is incorrect since this is the service to receive the data
  • Option B is incorrect since this is a Big data ingestion service
  • Option D is incorrect since this is used for analysis of data sent to the log service in Azure
  • Option E is incorrect since this is a purely notification-based service

 

Ask our Experts
View Queries
Question 19

A company named Whizlabs has just setup an Azure AD tenant. They need to deploy 2 applications to Azure, OnlineQuiz and OnlineForum. Below are the key authentication requirements for the applications

  • OnlineQuiz Application - Users should be able to authenticate using a personal Microsoft account and multi-factor authentication or using other providers such as facebook.
  • OnlineForum Application - Users should be able to authenticate using either a personal Microsoft account or using the credentials of Whizlabs. The accounts should be managed via Azure AD

Which authentication mechanism would you recommend for the OnlineQuiz application?

Explanation:

Answer – A

If you look at the authentication providers possible with Azure B2C, you can see that you can use a Microsoft account. This is provided in the Microsoft documentation.

If also supports Multi-factor authentication as shown below

Option B is incorrect since this is normally used when you want to allow authentication of users from other companies.

Options C and D are incorrect since this is normally only used for Microsoft based accounts

For more information on Azure B2C, please visit the below URL

https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-overview

Ask our Experts
View Queries
Question 20

A company named Whizlabs has just setup an Azure AD tenant. They need to deploy 2 applications to Azure, OnlineQuiz and OnlineForum. Below are the key authentication requirements for the applications

  • OnlineQuiz Application - Users should be able to authenticate using a personal Microsoft account and multi-factor authentication or using other providers such as facebook.
  • OnlineForum Application - Users should be able to authenticate using either a personal Microsoft account or using the credentials of Whizlabs. The accounts should be managed via Azure AD

Which authentication mechanism would you recommend for the OnlineForum application?

Explanation:

Answer – D

Azure AD v2.0 endpoint is best suited for this, since it supports both Work and personal accounts as shown below

Option A is incorrect since this is normally used for user authentication with other identity providers besides Microsoft.

Option B is incorrect since this is normally used when you want to allow authentication of users from other companies.

Option C is incorrect since it does not support Personal accounts

For more information on the Microsoft identity platform, please visit the below URL

https://docs.microsoft.com/en-us/azure/active-directory/develop/about-microsoft-identity-platform

Ask our Experts
View Queries
Question 21

A company has the requirement to have an automated process in place which would upload logs to an Azure SQL database every week. Reports would then be generated from the SQL database. Which of the following would you use for this requirement?

Explanation:

Answer – B

You can use the Azure Data Factory to create a pipeline that can be used to copy data. Below is an excerpt from the Microsoft documentation on the connector for SQL server.

Option A is incorrect since this is used for copying data from Azure storage accounts to on-premise and vice versa

Option C is incorrect since this is used to run Big data open source frameworks

Option D is incorrect since this is used to migrate data between SQL servers.

For more information on Azure Data Factory connector for SQL, please visit the below URL

https://docs.microsoft.com/en-us/azure/data-factory/connector-sql-server

Ask our Experts
View Queries
Question 22

A company has deployed an API management instance. They need a solution to protect the API from a DDoS (Distributed denial of service) attack. Which of the following could be recommended for this requirement?

Explanation:

Answer – B

You can protect the number of calls to the API by using rate limiting. Below is what is mentioned in the Microsoft documentation

Option A is incorrect since this is used for protecting traffic flowing into Virtual Machines

Option C is incorrect since this is used to limit the calls based on the subscription

Option D is incorrect since this is used for authentication for API's

For more information on transforming and protecting an API, please visit the below URL

https://docs.microsoft.com/en-us/azure/api-management/transform-api

Ask our Experts
View Queries
Question 23

A company has created 2 virtual networks, one in the Central US and the other in the East US region. There is a requirement to ensure that Virtual Machines on the Virtual Networks are able to communicate with each other using their private IP addresses. You also need to ensure low latency access between the Virtual machines. You also need to ensure that the solution is cost effective.

You decide to implement Virtual Network Peering.

Does this fulfil the requirement?

Explanation:

Answer – A

You can implement Virtual Network Peering for this requirement. Below is what the is mentioned in the Microsoft documentation.

For more information on Virtual Network Peering, please visit the below URL

https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-peering-overview

Ask our Experts
View Queries
Question 24

A company has created 2 virtual networks, one in the Central US and the other in the East US region. There is a requirement to ensure that Virtual Machines on the Virtual Networks are able to communicate with each other using their private IP addresses. You also need to ensure low latency access between the Virtual machines. You also need to ensure that the solution is cost effective.

You decide to implement an Express Route connection

Does this fulfil the requirement?

Explanation:

Answer – B

This type of connection is generally used to extend on-premise infrastructure to Azure. Below is what is mentioned in the Microsoft documentation

For more information on Express Route connections, please visit the below URL

https://docs.microsoft.com/en-us/azure/expressroute/expressroute-introduction

Ask our Experts
View Queries
Question 25

A company has created 2 virtual networks, one in the Central US and the other in the East US region. There is a requirement to ensure that Virtual Machines on the Virtual Networks are able to communicate with each other using their private IP addresses. You also need to ensure low latency access between the Virtual machines. You also need to ensure that the solution is cost effective.

You decide to implement custom route tables.

Does this fulfil the requirement?

Explanation:

Answer – B

In the question there is no special mention on routing traffic. Hence custom route tables don’t need to be part of the implementation.

For more information on Virtual Network routing, please visit the below URL

https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-udr-overview

Ask our Experts
View Queries
Question 26

A company currently has around 100 Virtual Machines running on their on-premise infrastructure. There is a plan to move the Virtual machines to Azure. The Virtual machines are running on a VMWare environment. The Virtual machines run different types of workloads. You need to prepare a report on the capacity requirement for the Virtual Machines that need to be created in Azure for the migration. Which of the following would you use for this purpose?

Explanation:

Answer – C

The Azure Migrate tool is the perfect tool for this scenario. The Microsoft documentation mentions the following

Options A and B are incorrect since these are normally used for cost management once you are already using resources in Azure

Option D is incorrect since this is used for backup and recovery purposes

For more information on Azure Migrate, please visit the below URL

https://docs.microsoft.com/en-us/azure/migrate/migrate-overview

Ask our Experts
View Queries
Question 27

A company has multiple offices and an Azure subscription. The company wants to implement a data storage solution for their on-premise servers hosted in the various offices. The servers are hosted on Hyper-V.

  • The servers must be able to connect to a central storage device by using iSCSI connections
  • Data that is stored in the central device needs to be uploaded to Azure automatically
  • Minimize the maintenance of the solution

Which of the following would you look to implement for the offices?

Explanation:

Answer – C

The StorSimple Virtual Array is a good solution for having hybrid cloud storage. Here on-premise devices can connect using iSCSI. And then data gets retained to Azure. The Microsoft documentation mentions the following

Option A is incorrect since Azure files shares are useful when devices need to connect using the SMB protocol.

Option B is incorrect since this is used for backup and recovery services along with Azure Site Recovery

Option D is incorrect since this would only be part of a solution. And it would also lead to high maintenance of the overall solution

For more information on Azure StorSimple Virtual Array, please visit the below URL

https://docs.microsoft.com/en-us/azure/storsimple/storsimple-ova-overview

Ask our Experts
View Queries
Question 28

A company has multiple offices and an Azure subscription. The company wants to implement a data storage solution for their on-premise servers hosted in the various offices. The servers are hosted on Hyper-V.

  • The servers must be able to connect to a central storage device by using iSCSI connections
  • Data that is stored in the central device needs to be uploaded to Azure automatically
  • Minimize the maintenance of the solution

Based on the tool being used, which of the following would you plan to setup in Azure?

Explanation:

Answer – D

When you look at the pre-requisites for the setup of StorSimple Virtual Array, you can see that you need to also have a storage account in place. This is also given in the Microsoft documentation

Since this is clearly given in the documentation, all other options are incorrect

For more information on deploying StorSimple Virtual Array, please visit the below URL

https://docs.microsoft.com/en-us/azure/storsimple/storsimple-virtual-array-deploy1-portal-prep

Ask our Experts
View Queries
Question 29

A company has just setup an Azure subscription. They have offices located in Mumbai and Hyderabad.

They are now planning their network connectivity strategy. They have the following networks defined in Azure. 

Virtual Network Name

Address space

Region

whizlab-network1

10.0.1.0/24

North Europe

whizlab-network2

10.0.2.0/24

West Europe

The networks have the following subnets defined

Subnet Name

Virtual Network

SubnetA

whizlab-network1

SubnetB

whizlab-network2

The company has the following requirements when it comes to connectivity

  • The Virtual Machines hosted in SubnetA must only be accessible to clients located in the Mumbai office
  • IT administrators working on dedicated workstations must have access to the Virtual Machines in SubnetA over the Internet on a specific TCP/IP management port
  • The Azure Virtual Machines hosted in the whizlab-network1 must be able to communicate on all ports to Azure Virtual Machines hosted in whizlab-network2

Which of the following architecture would you recommend to ensure VM in SubnetA can be accessible to client located at Mumbai Office?

Explanation:

Answer – B

A site-to-site VPN connection can be used to connect on-premise infrastructure onto Azure. Below is what is mentioned in the Microsoft documentation

Option A is incorrect since this is used to connect 2 Virtual Networks in Azure together.

Option C is incorrect since this is used to control traffic flowing into and out of Azure Virtual Machines

Option D is incorrect since this is not required

For more information on deploying a site-to-site VPN connection, please visit the below URL

https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-site-to-site-resource-manager-portal

Ask our Experts
View Queries
Question 30

A company has just setup an Azure subscription. They have offices located in Mumbai and Hyderabad.

They are now planning their network connectivity strategy. They have the following networks defined in Azure. 

Virtual Network Name

Address space

Region

whizlab-network1

10.0.1.0/24

North Europe

whizlab-network2

10.0.2.0/24

West Europe

The networks have the following subnets defined

Subnet Name

Virtual Network

SubnetA

whizlab-network1

SubnetB

whizlab-network2

The company has the following requirements when it comes to connectivity

  1. The Virtual Machines hosted in SubnetA must only be accessible to clients located in the Mumbai office
  2. IT administrators working on dedicated workstations must have access to the Virtual Machines in SubnetA over the Internet on a specific TCP/IP management port
  3. The Azure Virtual Machines hosted in the whizlab-network1 must be able to communicate on all ports to Azure Virtual Machines hosted in whizlab-network2

Which of the following would you use to fulfill the requirement of Point No. 2 aforementioned?

Explanation:

Answer – C

You can use Network Security Groups to define the traffic flow rules into and out of Virtual Machines. Below is what is mentioned in the Microsoft documentation

  • Option A is incorrect since this is used to connect 2 Virtual Networks in Azure together.
  • Option B is incorrect since this is used to on-premise infrastructure to Azure Virtual Networks
  • Option D is incorrect since this is not required
  • For more information on network security , please visit the below URL
Ask our Experts
View Queries
Question 31

A company has just setup an Azure subscription. They have offices located in Mumbai and Hyderabad.

They are now planning their network connectivity strategy. They have the following networks defined in Azure. 

Virtual Network Name

Address space

Region

whizlab-network1

10.0.1.0/24

North Europe

whizlab-network2

10.0.2.0/24

West Europe

The networks have the following subnets defined

Subnet Name

Virtual Network

SubnetA

whizlab-network1

SubnetB

whizlab-network2

The company has the following requirements when it comes to connectivity

  • The Virtual Machines hosted in SubnetA must only be accessible to clients located in the Mumbai office
  • IT administrators working on dedicated workstations must have access to the Virtual Machines in SubnetA over the Internet on a specific TCP/IP management port
  • The Azure Virtual Machines hosted in the whizlab-network1 must be able to communicate on all ports to Azure Virtual Machines hosted in whizlab-network2

Which of the following would you use for this purpose?

  • The Azure Virtual Machines hosted in the whizlab-network2 must be able to communicate on all ports to Azure Virtual Machines hosted in whizlab-network1.
Explanation:

Answer – A

  • Option B is incorrect since this is used to on-premise infrastructure to Azure Virtual Networks
  • Option C is incorrect since this is used to control traffic flowing into and out of Azure Virtual Machines
  • Option D is incorrect since this is not required

You can connect Virtual Networks together using Virtual Network Peering across regions. Below is what is mentioned in the Microsoft documentation

For more information on virtual network peering, please visit the below URL

Ask our Experts
View Queries
Question 32

What is the minimum number of Azure tenants that need to be setup?

Explanation:

Answer – B

Since there is only one forest that needs to be synced with Azure AD, one can opt for having one Azure AD tenant. This is the simplest form of connectivity as shown below

Since this is the ideal approach , all other options are incorrect

For more information on hybrid connections with Active Directory, please visit the below URL

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/plan-connect-topologies

Ask our Experts
View Queries
Question 33

What is the minimum number of custom domains to add to Azure AD?

Explanation:

Answer – B

Since users need to authenticate via the UPN’s associated with the quiz.whizlabs.com forest, you just need to create one custom domain in Azure AD. That custom domain will be quiz.whizlabs.com.

The Microsoft documentation mentions the following

Since this is the recommended answer, all other options are incorrect.

For more information on adding custom domains, please visit the below URL

https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/add-custom-domain

Ask our Experts
View Queries
Question 34

What is the minimum number of conditional access policies that need to be created?

Explanation:

Answer – B

Since baseline policies will be deprecated and we need to move to the new security defaults policy or to Conditional Access.

You just need to enable this conditional access policy. For more information on baseline protection via conditional access policies, please visit the below URL

https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/whats-new#replacement-of-baseline-policies-with-security-defaults

https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/baseline-protection

Ask our Experts
View Queries
Question 35

A company has SQL Server at there on-premise, and you need to recommend how to setup the data store for hosting the SQL database in Azure. Which of the following would you recommend?

Explanation:

Answer – D

Since the company already has existing Microsoft licences with software assurance, they can opt for a hybrid model in which they can benefit from huge discounts. This is also given in the Microsoft documentation.

Options A and C are incorrect since here you cannot use the Hybrid benefit from a licensing perspective.

Option B is incorrect since you would need to invest extra on the Virtual machine itself

For more information on vCore based licensing, please visit the below URL

https://docs.microsoft.com/en-us/azure/sql-database/sql-database-service-tiers-vcore

Ask our Experts
View Queries
Question 36

You need to recommend the approach to transferring the data from the on-premise SQL server to the SQL server on Azure. Which of the following would you recommend?

Explanation:

Answer – B

The ideal approach is to use a BACPAC file. This is also given in the Microsoft documentation.

Since this is clearly mentioned, all other options are incorrect

For more information on SQL database import, please visit the below URL

https://docs.microsoft.com/en-us/azure/sql-database/sql-database-import

Ask our Experts
View Queries
Question 37

A strategy needs to be recommended for the Web application – “whizlab-app”. The loads on the application would be unpredictable. It needs to be ensured that the application can sustain itself at high workloads. Also, it needs to be ensured that costs are being minimized at lower workloads. Which of the following would you recommend?

Explanation:

Answer – B

Since the case study does mention that PaaS solutions should be used, hence we need to use Azure Web apps for this solution and not Virtual Machine Scale Sets. Hence option C and D are eliminated.

Option A is wrong: Scale Up - is an operation that's Azure Web Sites cloud equivalent of moving your non-cloud web site to a bigger physical server.  It's useful to consider when your site is hitting a quota, signaling that you are outgrowing your existing mode or options.  In addition, it can be done on virtually any site without worrying about the implications of multi-instances data consistency.

To ensure that the web app can scale based on demand, we need to use the Scale Out settings as shown below

1) First go to the Scale out settings for the Web App

2) Then click on Enable autoscale

Then add the required conditions for the scaling process

Ask our Experts
View Queries
Question 38

The following architecture is being recommended for the Web application

Would this architecture support redundancy for the web application?

Explanation:

Answer – A

Here you can use the priority traffic routing method which would automatically failover the Web application if it detects a failure in the primary region. The Microsoft documentation mentions the following

For more information on the priority routing method, please visit the below URL

https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-routing-methods#priority

Ask our Experts
View Queries
Question 39

The following architecture is being recommended for the Web application

Would this architecture support autoscaling for the web application?

Explanation:

Answer – A

Azure App Service enables you to build and host web apps, mobile back ends, and RESTful APIs in the programming language of your choice without managing infrastructure. It offers auto-scaling and high availability, supports both Windows and Linux, and enables automated deployments from GitHub, Azure DevOps, or any Git repo. Learn how to use Azure App Service with our quickstarts, tutorials, and samples.

Ask our Experts
View Queries
Question 40

The following architecture is being recommended for the Web application

Would this architecture require a manual configuration if an Azure region fails?

Explanation:

Answer – B

Here you can use the priority traffic routing method which would automatically failover the Web application if it detects a failure in the primary region. The Microsoft documentation mentions the following

For more information on the priority routing method, please visit the below URL

https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-routing-methods#priority

Ask our Experts
View Queries
Question 41

Which of the following should be recommended for the database retention period?

Explanation:

Answer – A

You can use the long-term retention feature as mentioned in the Microsoft documentation below

Since this is clearly mentioned in the Microsoft documentation, all other options are incorrect

For more information on database long term retention, please visit the below URL

https://docs.microsoft.com/en-us/azure/sql-database/sql-database-long-term-retention

Ask our Experts
View Queries
Question 42

You need to decide on whether Azure storage is required for the various requirements of the case study

Would you need to provision an Azure storage account for the SQL Server database migration?

Explanation:

Answer – B

By default when working with SQL Server database migration, we do not need any Azure Storage.  This migration task can be done using Data Migration Service.

For reference please find the link below.

https://docs.microsoft.com/en-us/azure/dms/dms-overview

Note

If we work with BACPAC file, the we would need a storage account to store the file, which will be needed for the SQL database import. The BACPAC file will need to be stored in Azure BLOB storage

For more information on SQL database import, please visit the below URL

https://docs.microsoft.com/en-us/azure/sql-database/sql-database-import

Ask our Experts
View Queries
Question 43

You need to decide on whether Azure storage is required for the various requirements of the case study

Would you need to provision an Azure storage account for Web site content?

Explanation:

Answer - B

When you choose an App Service plan for an Azure Web app, it normally comes along with storage. An example is given below

So, you don’t need a separate storage account for web site content.

For more information on App Service Plans, please visit the below URL

https://docs.microsoft.com/en-us/azure/app-service/overview-hosting-plans

Ask our Experts
View Queries
Question 44

You need to decide on whether Azure storage is required for the various requirements of the case study

Would you need to provision an Azure storage account for database metric monitoring?

Explanation:

Answer – A

The case study mentions that we need to have the database metrics in place for further analysis.  So, we need to persists the logs and metrics for the database. One way as mentioned below is to use Azure Storage accounts.

Ask our Experts
View Queries
Question 45

An application needs to be deployed onto Azure. This application will be hosted on a set of Virtual Machines. The below set of rules need to apply when it comes to diverting traffic for users

You need to setup the correct appliance which could be used to fulfil these requirements. Which of the following would you implement?

Explanation:

Answer – C

You can use the URL routing feature of the application gateway as shown below

Option A is incorrect since this is used to divert traffic based on DNS to multiple regions

Option B is incorrect since this can’t be used to divert traffic

Option D is incorrect since this is used to divert traffic from a Virtual Network over a VPN connection

For more information on the application gateway, please go ahead and visit the below URL

https://docs.microsoft.com/en-us/azure/application-gateway/overview

Ask our Experts
View Queries
Question 46

A company needs to run an application that would be processing thousands of images at the same time. They need to have an ideal compute solution designed in Azure to handle the high scale processing of the images.

You decide to implement Azure Web Apps as part of the solution

Does this meet the requirement?

Explanation:

Answer – B

The Azure Web App service is used to run primarily web applications and cannot be used for high compute intensive parallel processing jobs.

For more information on Azure Web Apps, please go ahead and visit the below URL

https://azure.microsoft.com/en-us/services/app-service/web/

Ask our Experts
View Queries
Question 47

A company has an application running as part of Azure Web Apps. A database is being hosted in a Virtual Network. There is a requirement to ensure that the web app can access a cluster of databases installed on multiple VM in hybrid architect without the need of exposing a public endpoint.

You decide to implement Azure Batch jobs as part of the solution

Does this meet the requirement?

Explanation:

Answer: B

The requirement is connectivity between Web App and SQL database servers without the need to exposing public endpoints.
The solution should be : 
Virtual Network Rules or Private IP of the database server

Ask our Experts
View Queries
Question 48

A company has an application running as part of Azure Web Apps. A database is being hosted in a Virtual Network. There is a requirement to ensure that the web app can access a cluster of databases installed on multiple VM in hybrid architect without the need of exposing a public endpoint.

You decide to deploy an HPC Pack to Azure.

Does this meet the requirement?

Explanation:

Answer – A

Yes, this can be done with the help of deploying HPC Pack to Azure. The Microsoft documentation mentions the following

For more information on High performance computing, please go ahead and visit the below URL

https://docs.microsoft.com/en-us/azure/architecture/guide/architecture-styles/big-compute

Ask our Experts
View Queries
Question 49

A company currently has an on-premise infrastructure that consists of

  • An Active directory domain named whizlab.com
  • Active Directory Federation services
  • Application Proxy servers for external connection

The company has recently setup an Azure AD tenant. They have also setup Azure AD Connect for the synchronization of users from the on-premise AD to Azure AD. They have the following additional requirements

  • Ability to monitor the solutions that integrate with Azure AD
  • Identify any potential issues in AD FS
  • Identify any directory synchronization issues

You need to identify the right monitoring solution for each type of server

Which of the following would you use to monitor the AD FS servers?

Explanation:

Answer – B

Azure AD Connect Health has the ability to monitor AD FS servers as well. If you see the Microsoft documentation, you can clearly see the option present.

Since this is clearly mentioned in the documentation, all other options are incorrect

Ask our Experts
View Queries
Question 50

A company currently has an on-premise infrastructure that consists of

  • An Active directory domain named whizlab.com
  • Active Directory Federation services
  • Application Proxy servers for external connection

The company has recently setup an Azure AD tenant. They have also setup Azure AD Connect for the synchronization of users from the on-premise AD to Azure AD. They have the following additional requirements

  • Ability to monitor the solutions that integrate with Azure AD
  • Identity any potential issues in AD FS
  • Identify any directory synchronization issues

You need to identify the right monitoring solution for each type of server

Which of the following would you use to monitor the AD Connect Servers?

Explanation:

Answer - B

Azure AD Connect Health has the ability to monitor all AD Connect Servers and check for any synchronization issues. If you see the Microsoft documentation, you can clearly see the option present.

Since this is clearly mentioned in the documentation, all other options are incorrect

For more information on Azure AD Connect, please go ahead and visit the below URL

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/whatis-azure-ad-connect

Ask our Experts
View Queries
Question 51

A company currently has an on-premise infrastructure that consists of

  • An Active directory domain named whizlab.com
  • Active Directory Federation services
  • Application Proxy servers for external connection

The company has recently setup an Azure AD tenant. They have also setup Azure AD Connect for the synchronization of users from the on-premise AD to Azure AD. They have the following additional requirements

  • Ability to monitor the solutions that integrate with Azure AD
  • Identity any potential issues in AD FS
  • Identify any directory synchronization issues

You need to identify the right monitoring solution for each type of server

Which of the following would you use to monitor the web application proxy servers?

Explanation:

Answer – B

Azure AD Connect Health can also be used to monitor web application proxy servers as well.

This is given in the Microsoft documentation

Since this is clearly mentioned in the documentation, all other options are incorrect

For more information on Azure AD Connect, please go ahead and visit the below URL

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/whatis-azure-ad-connect

Ask our Experts
View Queries
Question 52

A company has an Azure storage account. The storage account needs to be configured in such a way that it is only accessible from one specific Azure Virtual Network. You have to ensure that the storage account is not accessible from the Internet. Which of the following would you use to implement this requirement?

Explanation:

Answer – D

The Microsoft documentation mentions the following

Virtual Network (VNet) service endpoints extend your virtual network private address space and the identity of your VNet to the Azure services, over a direct connection. Endpoints allow you to secure your critical Azure service resources to only your virtual networks. Traffic from your VNet to the Azure service always remains on the Microsoft Azure backbone network.  VNET ACL also has to be configured on the Azure service.

Option A is incorrect since this is just used to manage the traffic into a subnet or network interface

Option B is incorrect since this is used for content delivery

Option C is incorrect since this is used only if you want to have HTTPS data transfer for the storage account

For more information on Virtual Networks service endpoint, please visit the below URL

https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-service-endpoints-overview

https://docs.microsoft.com/bs-cyrl-ba/azure//mysql/concepts-data-access-and-security-vnet

Ask our Experts
View Queries
Question 53

A company has developed a web service that is made available on a virtual machine deployed to a subnet in the Virtual network whizlab-network.

An API Management service has been deployed, which will provide access to the API service hosted on the Virtual Machine.

Consultant companies must be able to connect to the API over the Internet.

Below is the configuration of the API management gateway instance

Based on the configuration, would the API be available to the consultants over the Internet?

Explanation:

Answer – A

An example of this configuration is given in the Microsoft documentation. By choosing the External option, the API management gateway instance would also be available over the Internet

For more information on using the API Management instance along with Virtual Networks, please visit the below URL

https://docs.microsoft.com/en-us/azure/api-management/api-management-using-with-vnet

Ask our Experts
View Queries
Question 54

A company has developed a web service that is made available on a virtual machine deployed to a subnet in the Virtual network whizlab-network.

An API Management service has been deployed, which will provide access to the API service hosted on the Virtual Machine.

Consultant companies must be able to connect to the API over the Internet.

Below is the configuration of the API management gateway instance

Based on the configuration, would the gateway be able to access the data from the Virtual Machine?

Explanation:

Answer - A

Yes, since the gateway is attached to the Virtual Network, it would have access to the Virtual Network.

An example of this is given in the Microsoft documentation

For more information on using the API Management instance along with Virtual Networks, please visit the below URL

https://docs.microsoft.com/en-us/azure/api-management/api-management-using-with-vnet

Ask our Experts
View Queries
Question 55

A company has developed a web service that is made available on a virtual machine deployed to a subnet in the Virtual network whizlab-network.

An API Management service has been deployed, which will provide access to the API service hosted on the Virtual Machine.

Consultant companies must be able to connect to the API over the Internet.

Below is the configuration of the API management gateway instance

Based on the configuration, would a VPN gateway be required for consultant access?

Explanation:

Answer – B

An example of this configuration is given in the Microsoft documentation. By choosing the External option, the API management gateway instance would also be available over the Internet. Hence a VPN gateway would not be required for access for the consultants.

For more information on using the API Management instance along with Virtual Networks, please visit the below URL

https://docs.microsoft.com/en-us/azure/api-management/api-management-using-with-vnet

Ask our Experts
View Queries